Been using LanGuard since 2005 and have had a very good experience with it during that time. Almost exclusively used for patching, but have also run full security scans against machines for various reasons.
However, I just received my renewal quote for 2016, and it went up nearly 2.2x. GFI raised renewal prices an even greater percentage a few years ago, in 2012. If I were to continue using LanGuard it would now cost more annually than our corporate antivirus solution -- and I'm not talking simply antivirus for desktops, but for all servers, gateways, separate email-server protection, desktops, web proxy, and a full management console. It's GFI's choice, obviously, but I think they're nuts.
In addition, they're converting to a reseller model starting Feb 1, 2016. That may or may not be an improvement for customers. Regardless, the transition is a nuisance on top of being asked to pay dramatically more for the product.
If the quote is correct, I'll very quickly turn into an ex-customer, after 11 years. No way to justify a patching solution at the renewal price they are quoting. I can't imagine what it must now cost new.

Been a customer since 2001, with many companies. Recently, after a three year agreement they want to triple the cost of maintenance and move me to a subscription plan, thus negating my original investment. Very unethical at best. The Wingzfan99 and Scott magic reviews are as if I wrote it myself. I have it running on a 64gig monster box with ssd drives and if you click too quickly it freezes the GUI. Been that way for 8 years. You can't have more than one instance of the GUI open on the server without getting an error message.
Looking for an alternative as my maintenance has expired.

Earlier this year we were looking for a new patch management system that could handle third party applications along with Windows & Linux patches. GFI LanGuard does exactly this and so much more! With GFI LanGuard we are able to get an accurate vulnerability view of each machine on our network! As with many networks our network is spread over the WAN, and patching these remote sites is easy. LanGuard has the ability to setup a relay at those remote sites there fore taking the stress out of the VPN connection, and allowing us to patch them remotely. LanGuard also allows you to schedule your updates automatically, just imagine no more Flash or Java updates! I am very satisfied with this product, anyone looking at a patch management/vulnerability should definitely check out this software.

I've used this to patch a wide variety of machines on multiple networks and I've been really impressed. Especially when used in conjunction with a WSUS server for the repository, it's a very good solution.

GFI LanGuard 2015 is decent at best.
While it has proven to be extremely useful for patching and tracking vulnerabilities, the overall experience of using the software takes too much away from it's abilities.
No matter what kind of resources I throw at our GFI server, physical or virtual, it is slow. Molasses in Alaska slow. You have to click gingerly to avoid making it angry, lest you end up rebooting the server (because ending the main program doesn't gracefully terminate other processes it was running).
Full scans take forever, and agent scans regularly fail for no apparent reason. Recently, out of nowhere and with no changes to the environment or to GFI's settings, scans have started telling me that the user credentials provided are incorrect -- the same credentials I've been using since we started with LanGuard back in 2013, without issue.
There is no consistency in how you schedule or manage certain operations. For example, I can set up as many scheduled remediations as I want, but I can only run one scan operation at a time with no ability to queue them up or add more nodes to the currently running scan.
Patching itself is a tricky deal. When updates are deployed, GFI starts communicating with the agent on the target machine, asking "are you done yet? how about now? are you done yet?" and if the agent doesn't say yes on one particular update, it says the entire remediation failed! Yes, you can up the timeout period, but not every update will install in the same amount of time (Office service packs, anyone?). Set the timeout too low, and everything will report that it failed... set it too high, and your remediation might run forever.
Did I mention that there is no way to set the timeframe in which your remote relay agents are allowed to pull updates from the main server? RIP bandwidth.
Overall, GFI does what it says it does -- pushes patches out to workstations. It requires a good deal of frustration and effort, however, to make it happen.

Hello wingzfan99. We are very sorry that your experience with GFI LanGuard has not been positive. Someone from our support team would be very happy to discuss any problems you may have encountered. Feel free to contact me on marketing@gfi.com with your details and we'll be in touch. David.

We purchased this product to run vulnerability scans, updating patches, hardware and software inventory. All of those features work good and are easy to setup and run. I was impressed with the pre configured reports. I wish it was a bit easier to customize reports. Have not had any support issues, so not sure how well the support is.

The product works, mostly, as advertised. I originally introduced it into my environment running full scans across 1200+ devices. The SQL database grew very quickly and I constantly had database back-end connection issues. Tech support always advised me to clear out the database and start over which is frustrating when you're trying to draw up compliance reports.
I have since trimmed down the scans to just Windows updates and it has performed well and I have received less database connection issues.

I used GFI LANguard for over 10 years. In that time it went from the best product to an also ran in my opinion. It got bloated and missed things would get stuck and apply patches more than once, I finally just dropped it and went with a built in MS solution more expensive but easier to manage on the end.

I've used/tested/and trialed a few products from GFI over the years, and while their products seem to do the job as advertised, GFI will never EVER leave you alone after that. I still get emails from them and haven't tried anything from them in 3 years. As yet more examples of their "spam" it seems every iteration of the same software must be listed here. Is there really a need to differentiate the same product with how many licenses it includes? NO! Yet it's listed here 27.9 times, all for the same product. (although maybe that's not their fault) however if it is, someone should remove their "submit" button.

I have been using LanGuard in demo mode but will be converting this to a paid product to manage up to 400 devices.
It is able to work in tandem with my WSUS installation and so far I have been able to patch all scanned systems without issue. The ability to deploy software from within the application is a plus although I still use PDQ fro the Lion's share of this task.
Vulnerability scanning also ensures that we leave no hole unplugged.
The added option of a central web console would be a welcome addition but this is really no big issue.

I have to say I expected much more from this product, but in the end was sort of disappointed with how it worked. I had various issues from deployment of scheduled patches, to servers rebooting even when I had it set not to. I did not renew my contract with GFI and I WSUS is still the way to go. For patches outside of Microsoft PDQDeploy and Vipre's patch management help solidify my patching requirements.

While the prodcut does have some really attractive features, Im finding the reliability to be quite questionable. It has not been able to install Silverlight or Adobe patches reliably, and on some machines it shows various security and service pack patches needed that were previously applied via Windows update. If you once had an older version of Adobe reader that has since been uninstalled, it will frequently show that the older version needs patched. If I run the baseline security analyzer against a machine and it shows fully patched, GFI will often show that patches are missing. When you try to apply those patches, it shows a successful install, then a rescan shows the same patches needed again even after a reboot. Also machines that are set to No Auto Remediate are suddenly being remediated, which got me in some trouble. When you look at the discovered vulnerabilities results, you have the option to acknowledge and ignore a vulnerability for the entire network, which is supposed to keep it from showing up as a vulnerability in the future, but it doesnt work. Also tech support is awful. You open a case and they email you sometimes the next day, other times a few days later, wanting you to respond to the case when you haven't heard from anyone yet. At first I was a fan, but the deeper I dig, the less true that becomes. I think that when our licensing runs out I will look at other solutions.

I've been using LANguard for the past 3 years and I've seen many improvements from when I started using version 9 to the current 2011 version.
LANguard does a pretty good job with remediation for both Windows and Third party patches. Patches apply silently and all have applied properly after reboot. I've set up scans for auto-remediation (with and without scheduled reboot) and for manual remediation of these patches. I have noticed that LANguard will not patch all of the optional Windows updates, so I am planning on using WSUS with it to address this issue.
New features that have helped me in the 2011 version are:
- Wake On LAN support
- Ability to schedule a remediation reboot at any time instead of immediately after deployment
- The ability to group PCs and servers using attributes
- Enhanced the recurrence pattern for scheduled scans (e.g. biweekly scans on Wednesday and Saturday nights at 8 pm)
- Deployment of custom software and scripts
I have one recommendation with scanning for missing patches. Go through the missing patches profile and unselect old patches, language packs, and third party software updates that are not going to be on your network. I removed all of the Windows 2000 patches, Firefox language packs, certain third party software updates from the scan and I did notice a decent increase in scan time. This might take a while to do, but it was worth it for me.
Overall, this software has been great for patching. I would recommend it to anyone looking for an easy to use remedation software.

Although LANGuard seemed to be the best option when I read various reviews, my trial left me feeling it was OK but not amazing. Maybe it's because I was running it on my PC rather than a server.
My findings:
• Slow to load (at least on my PC) and had scan problems unless the agent was installed on the remote computer being scanned.
• Good for getting visibility of MS patch status.
• Only way to get visibility of non-MS patch status. Becomes aware of new patches a few days after their release.
• No way to say “Yes I know about that and I’m happy with it”. This could be irritating particularly for the “vulnerable configuration” type of problem where there’s nothing we can do about it.
• When reviewing vulnerabilities, doesn’t automatically show list of affected computers. However, it does highlight areas that may warrant attention.
• Doesn’t always tell you what you can do about “vulnerabilities”. (It’s likely there are some you can’t do anything about.)
• Didn’t detect a virtual server as being a virtual server – not sure how much this matters.
• Tested patch installation directly from LANGuard to normal PCs OK. Testing the same thing on servers caused a timeout error, although the actual updates did seem to have been installed. Would normally install updates directly on the server anyway.
• Can use patch files already downloaded by WSUS.
Verdict: Not perfect but generally seemed suitable for the problems we were trying to solve.
My only hesitation about buying LANGuard is the niggles and delays waiting for tech support. If anyone knows of a better alternative please let me know!